The Salon Booking System, a plugin for WordPress used for scheduling appointments at salons, spas, and small businesses, has a security vulnerability that allows unauthorized access. This means that attackers who are logged in with Subscriber-level access or higher can perform actions without permission.